[Mailman-Users] Web Admin Security Question

Dennis Putnam dap1 at bellsouth.net
Wed May 23 21:15:40 CEST 2012 

On 5/23/2012 1:25 PM, Mark Sapiro wrote:
> Dennis Putnam wrote:
>> When I use http://... it brings up the correct page. As I said
>> originally, everything works if I use http or if I manually use https.
>> It is forcing https that doesn't. Once again it seems to be pointing to
>> the rewrite engine not working.
>
> When you use http://... and you get the page, does it still say
> http://... in the browser's address bar?
Yes
>
> When you access the pages via https://... Are the links on the pages
> also to https://...?
Yes
>
> Are there any errors logged by apache at startup time?
No
>
> Is rewrite_module (mod_rewrite) loaded in httpd.conf, e.g.
Yes
>
> LoadModule rewrite_module modules/mod_rewrite.so
>
> Is your mailman domain a virtual host, i.e. in a VirtualHost block
> either by name or IP. If so, the rewrite directives need to be in the
> VirtualHost block. See "Rewriting in Virtual Hosts" at
> <http://httpd.apache.org/docs/2.2/mod/mod_rewrite.html>.
Yes and it is in the VH block.

I also figured out how to add debug info for the rewrite engine. I don't
know what is supposed to be there but here is what I got (the
implication being I must have the wrong condition or rule).

64.100.144.9 - - [23/May/2012:14:54:21 --0400]
[myhost.mydomain.com/sid#b7544e28][rid#b6386c20/initial] (2) init
rewrite engine with requested uri /mailman/listinfo
64.100.144.9 - - [23/May/2012:14:54:21 --0400]
[myhost.mydomain.com/sid#b7544e28][rid#b6386c20/initial] (3) applying
pattern '^/mailman(/.*)' to uri '/mailman/listinfo'
64.100.144.9 - - [23/May/2012:14:54:21 --0400]
[myhost.mydomain.com/sid#b7544e28][rid#b6386c20/initial] (3) applying
pattern '^/cufs(/.*)' to uri '/mailman/listinfo'
64.100.144.9 - - [23/May/2012:14:54:21 --0400]
[myhost.mydomain.com/sid#b7544e28][rid#b6386c20/initial] (1) pass
through /mailman/listinfo
64.100.144.9 - - [23/May/2012:14:54:26 --0400]
[myhost.mydomain.com/sid#b7544e28][rid#b6386c20/initial] (2) init
rewrite engine with requested uri /mailman/admin
64.100.144.9 - - [23/May/2012:14:54:26 --0400]
[myhost.mydomain.com/sid#b7544e28][rid#b6386c20/initial] (3) applying
pattern '^/mailman(/.*)' to uri '/mailman/admin'
64.100.144.9 - - [23/May/2012:14:54:26 --0400]
[myhost.mydomain.com/sid#b7544e28][rid#b6386c20/initial] (3) applying
pattern '^/cufs(/.*)' to uri '/mailman/admin'
64.100.144.9 - - [23/May/2012:14:54:26 --0400]
[myhost.mydomain.com/sid#b7544e28][rid#b6386c20/initial] (1) pass
through /mailman/admin
64.100.144.9 - - [23/May/2012:14:54:33 --0400]
[myhost.mydomain.com/sid#b7544e28][rid#b6386c20/initial] (3) applying
pattern '^/mailman(/.*)' to uri '/mailman/admin/cufsalumni'
64.100.144.9 - - [23/May/2012:14:54:33 --0400]
[myhost.mydomain.com/sid#b7544e28][rid#b6386c20/initial] (3) applying
pattern '^/cufs(/.*)' to uri '/mailman/admin/cufsalumni'
64.100.144.9 - - [23/May/2012:14:54:33 --0400]
[myhost.mydomain.com/sid#b7544e28][rid#b6386c20/initial] (1) pass
through /mailman/admin/cufsalumni
64.100.144.9 - - [23/May/2012:14:54:33 --0400]
[myhost.mydomain.com/sid#b7544e28][rid#b638cc38/subreq] (2) init rewrite
engine with requested uri /cufsalumni
64.100.144.9 - - [23/May/2012:14:54:33 --0400]
[myhost.mydomain.com/sid#b7544e28][rid#b638cc38/subreq] (1) pass through
/cufsalumni

The incoming URL is http://myhost.mydomain.com/mailman/admin



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 259 bytes
Desc: OpenPGP digital signature
URL: <http://mail.python.org/pipermail/mailman-users/attachments/20120523/a2c3d640/attachment-0001.pgp>

More information about the Mailman-Users mailing list